Search squid archive

Re: squid_ldap_group false negatives

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 8/12/2011 5:24 p.m., Eugene M. Zheganin wrote:
Hi.

On 07.12.2011 17:44, Amos Jeffries wrote:
Minor bug, the bracketed () message is wrong about the state. It is actually still waiting for the lookup to complete.

What you should find is that some unknown time later (helper response delay, maybe up to 50-100 milliseconds?) you get another mention of testing checklist 0x802797a18. That will have a second allow/skip action response to this test followed by any continuing steps the ACL lookups may have done.

Okay. You were of course right, I did found that ACL finally matched.
So may be this post isn't at all about the subject. I remember thet in 2.6 there was an explicit message about the reason of allowing or disallowing a request, it sounded like 'The request of Foo/Bar was <allowed|denied> because it matched the <ACL name>'. It looks like in 3.x there's no such explicit message, is it ? May be there's a similar message, so can you please point to it, so I can debug further ?

This is displayed at:  debug_options 85,2

NP: the "allowed/denied" has changed to a number in the more recent 3.x versions to debug the allow/deny/dunno/auth-required/auth-failed/auth-missing/auth-expired-but-okay states and other extensions to the ACL system.

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux